Brand exploitation by cyber criminals raises alarm in UAE, Saudi

A new report by cybersecurity firm Mimecast shows that 74 per cent of organisations in Saudi Arabia and UAE are concerned about a web domain, brand exploitation, or site spoofing attacks, as concerns over brand exploitation grow.

Cybercriminals are acutely aware of the ease with which they can register lookalike domains and launch sophisticated attacks impersonating trusted brands that are nearly indistinguishable from the real thing. It’s become common for malicious actors to use our favourite retailers or other loved brands and services to trick people into handing over money or sensitive information. And it’s becoming harder for these brands to continue to avoid responsibility.

In the UAE, 50 per cent of organisations admit they are very concerned about an attack that directly spoofs their email domain, compared to a global average of 40 per cent, the Mimecast State of Email Security Report reveals.

Read: Can regional firms afford cybersecurity breaches amid virus concerns?

Domain-based Message Authentication, Reporting & Conformance (DMARC), an email validation system designed to uncover anyone using a brand’s domain without authorisation, should be in every organisation’s cybersecurity toolkit. However, only 40 per cent of respondents in Saudi Arabia were using DMARC although all were aware of it. Among UAE respondents, 98 per cent were aware of it while only 34 per cent were using it.

All of the countries surveyed in this year’s report expect web and email spoofing attacks to increase in the coming year, but Saudi Arabia and UAE organisations were among the ones on highest alert with 52 per cent and 54 per cent respectively, predicting an increase.

On average UAE organisations were made aware of six web or email spoofing attacks in the last year, while KSA organisations were made aware of seven.